JP2020009118A - Personal authentication method at financial institution - Google Patents

Abstract

To provide a new personal authentication method at a financial institution that prevents unauthorized transactions at the financial institution and secures transaction security without impeding speed of transactions.SOLUTION: A personal identification method includes: a formal authentication R in which a financial institution U collates/determines the conformity of an authentication item preliminarily registered in the financial institution U to an authentication item 70 presented from a transactor 1 to the financial institution U; preprocessing 10 in which information on presence/absence of the completion of the formal authentication R, contents of a specific transaction, and a formal authentication completion date is obtained using a contractor number 15 of the transactor 1 detected from the authentication item 70 of the formal authentication R; and additional authentication A which is independent by separation from the formal authentication and in which procedures 1 to 5 are performed sequentially, wherein authentication by the additional authentication A is performed after the completion of the formal authentication R.SELECTED DRAWING: Figure 3

Description

  The present invention is an identity authentication method for a financial institution to determine whether or not a trader has the independent ability in a specific transaction with a financial institution. On how to prevent.

  In recent years, a form of transaction with a financial institution is to select a mechanical device such as an ATM (automatic teller machine) installed at a financial institution or another place in place of a window transaction, and use an IT system such as the Internet. With the rapid spread of infrastructure and changes in the social and living environment, Internet banking that does not require direct visits to financial institutions and ATMs is rapidly spreading and expanding. On the other hand, forgery of cash cards used as personal authentication items to confirm the independence of the trader in these transactions and theft of Internet banking IDs and passwords have led to crimes in which deposits were withdrawn illegally. The tricks are constantly becoming more complicated and sophisticated.

  “Phishing fraud” and “illegal money transfer virus” are known as typical methods of illegal money transfer in Internet banking. For example, phishing scams use fraudulent criminals to send fraudulent emails pretending to be financial institutions to the subscribers to deceive the subscribers, and for the fraudsters to impersonate the financial institution listed in the fake emails. Access to "homepage" and follow the guidance to input information such as "ID / password, random number table data", steal the information and access "real homepage" of financial institution to carry out illegal remittance. is there.

  As a security measure against illegal remittances in Internet banking as described above, the "Phishing Countermeasures Council" has been "watching for suspicious mail." "Watch out for a login screen different from usual." "The OS and software are always up to date. Guidelines, such as "keep the virus definition database updated", "check your account regularly", and "install software to prevent unauthorized remittances". .

  According to a report by the National Police Agency, the damages caused by illegal remittances in Internet banking were 64 cases in 2012, about 48 million yen, but in 2013, they were 1,315 cases, about 1,460 million yen. In 2015, the damage amounted to 1,495 cases, about 3,073 million yen, more than double the amount of the previous year. ing.

  On the other hand, the financial institution also sends a one-time password to the user by e-mail at the time of confirmation of transfer to a destination other than the registration destination, generates it using an application on the smartphone, and creates a transaction confirmation password. We are taking measures to use it. Furthermore, recently, a confirmation key for personal identification in a predetermined transaction request via the Internet is generated from transaction history information when using an ATM, and transmitted to the ATM, and the user receives the confirmation key via the ATM. Thus, there is also provided a means used as an auxiliary identity verification means in Internet banking (Patent Document 1).

The number of fraudulent transactions has been reported not only in Internet banking but also in transactions using more familiar cash cards. The typical method is as follows.
[Trick 1: Trick to attach skimming device to ATM card insertion slot]
A skimming device is attached to the card slot of the ATM to skim data on a magnetic stripe such as a cash card, and a small camera installed near the ATM illegally obtains the password entered by the depositor and creates a forged cash. Illegally withdraw deposits from overseas ATMs using cards.

[Tip 2: A counterfeiting method in which a cash card is extracted from a password-type locker or the like]
When a user of a security locker or security box at a golf course or the like enters a security code, he / she can use a security code such as a locker obtained by peeping from behind or stealing with a small camera. A locker or the like is opened without being noticed, and the skimming device skims data on the magnetic stripe of the cash card. In many cases, the password of the cash card is also used as the password of a locker or the like, and the bank account is used to illegally withdraw the deposit.

[Trick 3: Nest, car vandalism, laying, pickpocketing, snatching]
At the time of the crime, the cash card is stolen, and the deposit is withdrawn from the ATM by estimating the password from the stolen article together with the cash card.

[Tip 4: A trick of fraudulently dealing with the elderly and care recipients as "kindness"]
Trust other people through nursing care of elderly people living alone and care recipients, take care of their own banking transactions, keep passbooks, seals and cash cards, ask for passwords, and ask for transactions other than bank transactions requested Run and withdraw cash.

  On the other hand, the financial institution also adds a skimming prevention function to a cash card reading portion or writes a special symbol on a magnetic stripe and takes the cash card into an ATM in order to prevent illegal withdrawal by a forged cash card. At the time, a special operation is performed and a mechanism that makes skimming difficult is incorporated in the ATM, or a different special symbol is written on the magnetic stripe of the cash card every time the transaction is completed, and whether the transaction was made with a valid cash card Measures such as making it possible to make decisions.

  Furthermore, in order to prevent unauthorized withdrawal by a stolen cash card, it is easy for a third party to guess a password such as a date of birth or the like that cannot be set with a number that has a close relationship with the contractor. It is urging attention such as not using numbers.

  In the case of window transactions, which are the basics of transactions with financial institutions, personal authentication is performed using a passbook and a seal in principle. Passbooks and seals are constantly exposed to the danger of theft and forgery, and as long as the passbook exists and the seals match, there is no means to prevent this even if the transaction was substantially fraudulent. At most, it limits the amount of withdrawal per day. That is, if the seal and passbook are stolen, unauthorized transactions will be repeated within the limit unless the trader reports to the financial institution, and there is no means to prevent this.

JP 2008-123461 A

  In conducting social life and conducting economic activities, transactions with financial institutions are indispensable, and are widely used for economic activities such as depositing and borrowing funds, settlement of various prices, etc., regardless of individuals, corporations, or organizations. I have. Indeed, financial institutions are partners in social life and economic activities. In transactions with financial institutions, it is essential to eliminate fraudulent transactions in order to establish transaction security. To this end, various authentication items must ensure the security of an identity authentication system that prevents unauthorized transactions by checking the presence or absence of the initiative of a trader on an account basis. At the same time, the means of preventing fraudulent transactions must not impair the effectiveness of the transactions. Therefore, both security and speed need to be established simultaneously in a transaction.

  However, with regard to the above-mentioned measures against fraudulent transactions in Internet banking and ATM transactions, every time a financial institution develops a new authentication item and takes new measures to prevent fraudulent transactions, there is a new means to break the authentication item. It is the fact that it is provided in. For example, the provision of one-time passwords using e-mail etc., which is currently being used by many financial institutions as a measure to prevent illegal transactions in Internet banking, has caused personal computers used by users to be infected with malware (malicious malicious software) If they do, they include the risk of being leaked to a third party and cannot be a complete security measure. In fact, there is no way to prevent fraudulent transactions if you do not know that they have been stolen in a passbook and a seal window transaction.

  In addition, biometric authentication using fingerprints, palm prints, voice prints, faces, irises, and other biometrics has also begun to spread as an individual-specific authentication item. In the event that is stolen, there is a possibility that it will be analyzed and duplicated, and breached. Furthermore, since biometric information cannot be arbitrarily updated like a password, there is a fatal problem that security cannot be recovered for a lifetime once it has been broken through duplication. In addition, some people cannot use biometric authentication in some circumstances. Therefore, although the current identity authentication system has dramatically improved security through the construction of various security measures, there is always the possibility that the security measures can be broken, and illegal transactions are completely eliminated. The reality is that it cannot be prevented and security cannot be guaranteed.

  Therefore, the present invention provides a method for promptly conducting transactions from a viewpoint different from the conventional security enhancement of the personal identification system in order to ensure that everyone can smoothly transact with a financial institution without impairing the speed of transactions. It is an object of the present invention to provide a new personal identification method for a financial institution that prevents unauthorized transactions at a financial institution and ensures the security of transactions without impairing the performance.

  As a result of earnest research on ensuring the security of transactions at financial institutions, the present inventor has found that in the conventional personal authentication system as a measure to prevent illegal transactions, no matter how much protection measures are taken, authentication items as defense measures are stolen. They came up with new knowledge that it is necessary to prevent illicit transactions on the premise that there is a possibility that they will be broken, that is, on the premise that security measures will be broken. Based on this knowledge, even if the authentication system is broken down by unauthorized means, an authentication method for a new financial institution that ensures both security and speed of transaction is provided.

That is, the present invention is an identity authentication method for a financial institution to determine the presence or absence of a trader's initiative ability in a specific transaction with the financial institution, and includes an authentication item registered in advance with the financial institution, From the financial institution to collate and determine the agreement with the authentication item presented to the financial institution, and whether or not this authentication is completed using the contractor's contractor number detected from the authenticated authentication item as a key. It consists of a pre-process for acquiring information on the details of the transaction and the date and time of completion of the formal authentication, and an additional authentication that is separated and independent from the formal authentication and performs the following steps 1 to 5 sequentially. The present invention basically provides a personal authentication method in a financial institution, which requires an authentication.
Procedure 1: A procedure in which a trader calls a financial institution from a mobile phone through a telephone network of a communication carrier to transmit a caller ID.
Step 2: A step in which the financial institution checks and determines the agreement between the caller number transmitted in step 1 and the registered caller number of the trader registered in the financial institution in advance.
Step 3: A step in which the financial institution acquires the contractor number of the trader using the registered caller number contracted in step 2 as a key.
Step 4: The financial institution checks and determines whether or not the following verification items 1 to 3 are satisfied from the information obtained in the pre-processing based on the contract between the contractor number obtained in the step 3 and the contractor number obtained in the pre-processing. procedure.
Verification item 1: Transaction details are specified and confirmed.
Verification item 2: This certification has been completed.
Verification item 3: Within a predetermined time from the completion of the main authentication.
Step 5: A step of completing the additional authentication when the financial institution determines that the collation items 1 to 3 shown in Step 4 are satisfied.

  Then, the financial institution checks and determines whether or not the incoming number called from the trader to the financial institution matches the telephone number predetermined by the financial institution in addition to the procedure 1, and the financial institution determines the caller ID After obtaining the information, disconnect the line that was called, and after a certain period of time after the completion of the additional authentication, discard the information obtained in the pre-processing, leave the verification items 1 to 3 blank and do not complete the additional authentication Normally, the main authentication and the additional authentication are not completed.

  In addition, a smartphone is used as a mobile phone, and a call to a financial institution is performed via an additional authentication application on the Web, and a telephone number of the financial institution is displayed on the additional authentication application in a callable manner. Further, the telephone number of the financial institution is selected at random from a plurality of telephone numbers and displayed on the additional authentication application on the Web, and the transaction with the financial institution is an ATM transaction, an Internet banking transaction, or a window transaction. Are withdrawal, deposit, inquiry, change of personal items, or change of authentication means.

  The first feature of the present invention described above is that, in a specific transaction with a financial institution, a conventional personal authentication means is used as an identity authentication method for a financial institution to determine whether or not a trader has the independent ability. The method (final authentication in the present invention) in which the financial institution checks and determines the agreement between the authentication item registered in advance at the financial institution and the authentication item presented by the trader to the financial institution (the actual authentication in the present invention) In addition, additional authentication using the caller ID of the mobile phone, which is information that can be transmitted and cannot be forged, is combined to require authentication by additional authentication after completion of the main authentication. Therefore, even if the authentication item of the main authentication, which is the conventional personal authentication means, is stolen or forged, the presence of the additional authentication can reliably prevent unauthorized transactions, and the vulnerability of the conventional personal authentication system And the security of the transaction can be ensured. In addition, the additional authentication only requires the trader to make a call from a mobile phone to the financial institution through the telephone network of the communication carrier, so that everyone can smoothly deal with the financial institution without worrying about the speed of the transaction. It becomes possible.

  The second feature of the present invention is that the use of the caller ID of the mobile phone of the trader, which is information that can be transmitted and cannot be forged, as a key for determining whether or not additional authentication is performed, enables the conventional authentication item to be used. In addition to being able to eliminate the risk of being forged, it is possible to double assure security from both the object (mobile phone) and information (caller ID).

  A third feature of the present invention is that, in addition authentication, in addition to the collation and determination of the caller ID, it is necessary to satisfy three collation items as a condition for completing the additional authentication. Since it is required that “transaction details are specified and confirmed” as the collation item 1, it is performed on an account basis, and the conventional identity authentication consisting only of the actual authentication that enables the entire account to be transacted is performed. In contrast, since only the specific transactions for which the authentication has been completed are targeted, it is possible to ensure the security of the transactions for each specific transaction.

  Since the verification item 2 requires that “the main authentication has been completed.” Since the additional authentication is performed after the main authentication separately from the main authentication, it is assumed that the main authentication has been broken by unauthorized means. In addition, illegal transactions can be prevented by additional authentication, and fail-safe can be realized.

  Since the verification item 3 requires that “it must be within a predetermined time after the completion of the main authentication”, the time for the personal authentication can be set arbitrarily, and the main authentication and the additional authentication are linked to function as one. This makes it possible to add a security measure of time setting to additional authentication using the caller ID, which is information that cannot be forged and can be transmitted.

  A fourth feature of the present invention is that a caller ID is transmitted to a financial institution using a telephone network as a key, which can be used anytime and anywhere, and that a transaction that requires speed is effective. Does not impair the performance. Moreover, since the application on the Web is used, there is no need to install the application on a mobile phone such as a smartphone, and even if the mobile phone is exchanged, the same phone number can be used without any change. In addition, no communication charges are incurred because both the trader and the financial institution need only receive a call. Further, even if the mobile phone is lost, if the mobile phone itself is locked, it is possible to maintain the security of transaction security by additional authentication.

  Furthermore, even if the certification item of this certification is entrusted to a third party, additional certification can be performed by the trader himself. When requesting a financial transaction from a person, the security of the transaction can be controlled by himself or her family.

FIG. 1 is a basic conceptual diagram of a personal authentication method in a financial institution according to the present invention. FIG. 1 is a basic configuration diagram of the present invention. FIG. 1 is a basic configuration diagram of the present invention. FIG. 2 is a basic configuration diagram of the main authentication in the present invention. FIG. 4 is a basic configuration diagram of additional authentication according to the present invention. FIG. 3 is a detailed configuration diagram of additional authentication according to the present invention. FIG. 1 is a basic configuration diagram of an Internet banking transaction. FIG. 2 is a basic configuration diagram of an ATM transaction. Basic configuration diagram of window transaction. Explanatory drawing of the transmission method of a caller ID. The conceptual diagram which shows the idea of this invention.

  An embodiment of a personal authentication method in a financial institution according to the present invention will be described below with reference to the drawings. Transactions with a financial institution subject to the present invention include depositing, financing, currency exchange, securities, insurance, etc., in which the financial institution is required to confirm whether or not the institution has the independent ability at the time of the transaction. The term refers to general financial transactions, and typical transactions include withdrawal, deposit, inquiry, change of personal information, change of authentication means, and the like. For this reason, account transfers for automatically debiting utilities, taxes, credit card charges, and the like are excluded. The transactions targeted by the present invention are not comprehensive transactions between financial institutions and traders, but are individual transactions that are specifically executed. For this reason, the present invention does not confirm the independence of the trader on an account basis as in the prior art, but confirms it for each individual transaction.

  In addition, financial institutions cover not only credit unions, banks, agricultural cooperatives, securities companies, etc., but also non-banks such as credit companies, credit companies, leasing companies, etc., and are engaged in providing financial services widely. And It should be noted that the deposit does not require confirmation of the independence of the trader in the present situation, but may be included in the transaction which is the object of the present invention. Further, the transaction means is not limited, and may be an ATM transaction, an Internet banking transaction, a counter transaction, or other transaction means.

  FIG. 11 is a conceptual diagram showing the idea of the present invention. Conventionally, measures to prevent unauthorized transactions in the authentication R, which is the personal authentication means, have been strengthened by preventing various authentication items, such as “ID, password, cash card, personal identification number, passbook, and seal,” from being stolen. It is all about strengthening the defenses, that is, how to prevent the authentication items from being stolen. For example, "Measure 1: How to deal with the system so that the ID and password of Internet banking cannot be stolen" and "Measure 2: How to deal with so that the cash card is not forged". Specific examples of the measures 1 and 2 are as described above as the related art. However, even if measures 1 and 2 were newly constructed, new techniques were developed to break them, and the techniques became more sophisticated and complicated. Is also torn. This would be a "pretend play" between the defense measures for authentication items and the attack measures for illegal transactions, and not only would there be no end to countermeasures, but also a drastic solution, and the rapid spread of the current IT infrastructure And the security of financial transactions in line with changes in the social and living environment cannot be established. That is, it is not guaranteed that everyone deposits funds with a financial institution and conducts business with confidence. Therefore, as shown in the statistics of the illegal transaction, the damage caused by the illegal transaction is rapidly increased.

  Therefore, the present inventor makes a fundamental change in the idea, and no matter how much protection measures are taken, it is assumed that the defense measures will eventually break through and various authentication items will be stolen, and it is assumed that fraudulent transactions will occur. I got the idea that it was necessary to prevent it. Based on this idea, it is assumed that there are cases in which unauthorized transaction cannot be prevented by the formal authentication R, that is, “Premise 1: Internet banking ID / password may be stolen” “Premise 2: Cash To prevent fraudulent transactions, assuming that the security measures of this authentication R can be broken, such as that the card may be forged, "Premise 3: the security code may be stolen", etc. As a result of various studies on the personal authentication method, the security measures of this certification R were strengthened and improved, and in addition to this certification R, the personal authentication by additional authentication A separate and independent from this certification R was indispensable. The present inventor has conceived of the personal authentication P according to the present invention in which the authentication R and the additional authentication A are associated with each other.

  FIG. 1 is a basic conceptual diagram of a personal authentication method in a financial institution according to the present invention, FIGS. 2 and 3 are basic configuration diagrams, FIG. 4 is a basic configuration diagram of main authentication, and FIG. 5 is a basic configuration diagram of additional authentication. 6 is a detailed configuration diagram of the additional authentication. As shown in FIGS. 1 and 3, the trader 1 changes a specific transaction application 65 such as a withdrawal or a transfer from the state before the specific transaction application 60 to an ATM transaction 66 (automatic teller machine transaction) and an IB transaction 67. (Authentication R) is performed by presenting the authentication item 70 of the formal authentication R to the financial institution U in addition to (internet banking transaction) and the window transaction 68.

  The authentication method of the formal authentication R is the same method as the conventional personal authentication, and includes an authentication item registered by the trader 1 in advance at the financial institution U and an authentication item 70 presented by the trader 1 to the financial institution U. Is determined and collated by the financial institution U. The authentication item 70 is a conventionally used ID, password, cash card, passbook, seal, fingerprint or other living body. The financial institution U checks and determines the authentication item 70 presented in the same manner as in the past and the authentication item registered in the financial institution U, and completes the main authentication R if they match. If there is a difference, predetermined error processing is performed, the authentication R is not completed, the processing is terminated, and processing of the applied transaction is disabled as in the related art.

  In the present invention, upon receiving the main authentication completion 3, additional authentication A is further added. By the additional authentication completion 40, the personal authentication P (see FIG. 2) by both the main authentication R and the additional authentication A is completed, and the trader 1 is authenticated as the main person, and the specific transaction execution 200 becomes possible.

  As described above, the personal authentication P in the present invention is performed by a combination of the main authentication R similar to the conventional one and the additional authentication A newly added according to the present invention. It is performed in 20 two stages. The financial institution U stores, in a predetermined storage device such as the user management database 100 (see FIG. 6), various information relating to completion / incomplete of the main authentication R and the additional authentication A, specifically, the authentication information 110 and the contractor number information. 120, transaction information 130, transaction setting date information 140, transaction setting time information 150, and other necessary information are stored as additional authentication data C, and based on these various information, completion / incomplete of the additional authentication A and specific transactions It is determined whether or not execution is possible.

  The authentication information 110 is information on completion / incompletion of each of the main authentication R and the additional authentication A, and indicates “incomplete 115” indicating that both the main authentication R and the additional authentication A before the specific transaction application 60 are incomplete. And information indicating one of “final authentication completion 3” indicating that the additional authentication A has not been completed after the completion of the main authentication R, and “additional authentication completion 40” indicating the completion of both the main authentication R and the additional authentication A. It is.

  The contractor number information 120 is a contractor number 15 assigned and assigned to each contractor through all stores regardless of the head office / branch of the actual store of the financial institution U or a branch on the Internet. Contractor number 15 = 1: 1]. In the present invention, the contractor number information 120 is used to identify the trader 1 who performs the personal authentication P including the main authentication R and the additional authentication A.

  The transaction information 130 is specific transaction information applied from the trader 1 by a predetermined procedure such as an ATM transaction 66, an IB transaction 67, and a counter transaction 68, specifically, an application transmitted from the trader 1 to the financial institution U. This is the transaction content 131. The transaction setting date information 140 is information on a date when the formal authentication R is completed, and is “the current day 141” or a specific date. The transaction setting time information 150 is information on the time at which the formal authentication R was completed, and is “the formal authentication completion time 151”. The information displayed in the additional authentication data C can be appropriately selected by the financial institution U according to the content of the transaction.

Before completion of the main authentication R based on the collation and determination of the authentication item 70, the information of the additional authentication data C indicates that the authentication information 110 indicates that both the main authentication R and the additional authentication A have not been completed, as described below. 115, and all other information are blank 125, 135, 145, 155, and no information has been input.
Authentication information 110: Not completed 115
Contractor number information 120: blank 125
Transaction information 130: Blank 135
Transaction setting date information 140: Blank 145
Transaction setting time information 150: Blank 155

The financial institution U that has made the specific transaction application 65 and has completed the formal authentication R is a trader linked to the authentication item 70 of the formal authentication R such as an ID, a password, a cash card, a passbook, etc. presented by the trader 1. First, the contractor number 15 is searched, and the preprocessing 10 necessary for acquiring various information in the additional authentication data C is performed. After the main authentication is completed, the data of the additional authentication data C before the additional authentication is updated by the preprocessing 10, and the authentication information 110 indicates that the main authentication R is completed and the additional authentication A is not completed as described below. Is recorded as the main authentication completion 3, the specific contractor number 15 as the contractor number information 120, the application transaction contents 131 transmitted to the financial institution U as the transaction information 130, and the transaction setting date information 140 as the current day. 141, the main authentication completion time 151 is recorded as the transaction setting time information 150. At the same time, a notification for prompting the trader 1 to carry out the additional authentication A is sent via various means such as the Internet, ATM, and counter staff corresponding to the transaction means.
Authentication information 110: Final authentication completed 3
Contractor number information 120: Contractor number 15
Transaction information 130: Application transaction content 131
Transaction setting date information 140: 141 on that day
Transaction setting time information 150: Final authentication completion time 151

  Next, as shown in FIGS. 2 to 6, the financial institution U performs the additional authentication processing 20 by the following procedures 1 to 5.

[Procedure 1: A procedure in which the trader 1 calls the financial institution U from the mobile phone 5 through the telephone network 77 of the communication carrier 75 and transmits the caller number 25. ]
The trader 1 receives a notification of completion of the formal authentication R from the financial institution U and a notification for prompting the additional authentication A, and sends an appropriate notification from the mobile phone 5 having the caller number 25 (telephone number) registered in the financial institution U in advance. A call is made to the financial institution U to make a transaction through the telephone network 77 of the communication carrier 75, and the caller number 25 of the mobile phone 5 is transmitted to the financial institution U as information.

  At the time of the call, as shown in FIG. 10, the additional authentication application 6 on the Web is activated from the smartphone 5a, and the telephone number 7 randomly extracted from the telephone number group of the financial institution U is displayed on the additional authentication application 6. Is displayed so that a call can be made, so that the trader 1 can make a call to the financial institution U. In this way, the trader 1 does not need to store and record the telephone number 7 of the financial institution U, and does not need to download the additional authentication application 6 to the smartphone 5a. In addition, if toll-free is selected as the telephone number 7 of the financial institution U, it is possible to clearly indicate that the trader 1 does not need to bear the communication fee.

  In addition, the telephone number 7 of the financial institution U displayed on the additional authentication application 6 on the Web is shuffled and displayed every time the additional authentication application 6 on the Web is activated from a plurality of telephone number groups. More secure. As the mobile phone 5 to be used, it is basically to use the mobile phone 5 in its own name. However, even if the mobile phone 5 is in the name of another person, such as a family member, a caller number 25 (telephone number) is previously provided to the financial institution U. Can be used if the mobile phone 5 has registered the. The mobile phone 5 occupied by the trader 1 irrespective of its own name or the name of another person is preferred. By occupying the key, the key sender number 25 can be physically protected from a third party. In addition, since the mobile phone 5 is often carried at all times, and even if the mobile phone 5 is lost or stolen, the mobile phone 5 itself can be locked, so that the object (mobile phone 5) and information (transmission Security can be ensured from both sides of the user number 25). Although the fixed telephone can notify the caller number in the same manner as the mobile telephone 5, it is not used in the present invention because it cannot be carried, occupied, or locked. It is convenient to use a smartphone 5a as the mobile phone 5.

  In the present invention, by using the caller number 25 of the mobile phone 5 of the trader 1 which is information that can be transmitted and cannot be forged, as a key for determining whether or not the additional authentication A is permitted, the conventional authentication item 70 can be obtained. In addition to eliminating the risk of being counterfeited, it is possible to double secure security from both the object (mobile phone 5) and information (caller number 25). The caller number 25 corresponds to an authentication item such as a cash card, a personal identification number, an ID, a password, a living body, and a seal, which are the authentication items 70 in the existing main authentication R. The limitation of the authentication R is that no matter how the security measures are strengthened, the authentication item 70 may be stolen, forged or copied. In order to prevent fraudulent transactions and ensure the security of transactions, it is required that counterfeiting and duplication are impossible. In the present invention, counterfeiting, duplicating, and a concept similar thereto are referred to as forgery. Further, in order to ensure the effectiveness of preventing unauthorized transactions without impairing the speed of transactions, it is required that information can be transmitted smoothly as information. Therefore, the present invention focuses on things that cannot be counterfeited, can be transmitted as information, and further focuses on things that most of the traders possess. Attention was paid to the caller number 25 notified to the destination as the number notification.

  The caller number notification is a service for notifying a callee (ie, financial institution U) of a caller (ie, trader 1) 's telephone line number (telephone number) as a caller number 25 during a call. The side can obtain the notified caller number 25 as information. This caller number 25 is also displayed as a forgery before, specifically, before 2005, and if you answer the phone as a genuine caller, there will be cases such as fraud, etc. Had become. For this reason, the "Telecommunications Carriers Association" established the "Guidelines for Displaying Caller ID Impersonation" in 2005, and in accordance with these guidelines, telecommunications carriers (that is, communication carriers 75) that have transmission line facilities are provided. ), The necessary countermeasures have been taken, so there is no risk of forgery at present. In addition, since information is automatically transmitted by a call, a complicated procedure for information transmission is not required, and anyone can use the information. The penetration rate of the mobile phone 5 has already exceeded 120% with respect to the population, and the smartphone 5a has rapidly spread from 50%, so that it has been established as an IT infrastructure. In particular, for users such as Internet banking, the smartphone 5a is the most familiar information tool.

  Therefore, in the present invention, the caller number 25 of the mobile phone 5, particularly the caller number 25 of the smartphone 5a, is used as a key for the additional authentication A as information that can be transmitted and cannot be forged. The information is not limited to the caller number 25, and other information that can be transmitted and cannot be forged can be used.

  The financial institution U that has received the call from the trader 1 via the additional authentication application 6 on the Web confirms the incoming call 21 (after one call), and then disconnects the line 23. As a result, the caller number 25 of the smartphone 5a used by the trader 1 is transmitted to the financial institution U as information via the telephone network 77 of the communication carrier 75, and the financial institution U obtains the caller number and the receiving number 22. It can be performed.

[Procedure 2: A procedure in which the financial institution U checks and determines the agreement between the sender number 25 transmitted in the procedure 1 and the registered sender number 161 of the trader 1 registered in the financial institution U in advance. ]
The financial institution U having acquired the caller number 25 transmitted from the trader 1 as information performs the collation determination 26 with the registered caller number 161 in the registered caller number management information 160 registered in the user management database 100. The caller ID inquiry 24 is performed. If the caller number 25 and the registered caller number 161 are different, the additional authentication A is not completed and the processing is terminated 27, and the execution of the transaction shown in the application transaction content 131 is determined to be impossible.

[Procedure 3: A procedure in which the financial institution U acquires the contractor number 15 of the trader 1 using the registered sender number 161 contracted in the procedure 2 as a key. ]
When the caller number 25 and the registered caller number 161 match, the contractor number acquisition for acquiring the contractor number 15 in the contractor management information 170 registered in the user management database 100 using the registered caller number 161 as a key. Perform Step 16.

  In addition, in order to collate and determine that the telephone number 7 used by the trader 1 to call the financial institution U is a genuine number, the incoming call number 181 in the incoming call number management information 180 registered in the user management database 100 is used. An incoming call number inquiry 28 for performing a collation determination 29 of is performed. In addition, the financial institution U prepares a plurality of incoming numbers 181 from the second incoming number 182 to the n-th incoming number 183, and changes them periodically to further enhance security. In addition, other incoming number information 184 can be registered in the incoming number management information 180 as needed. When using the additional authentication application 6 on the Web, it is preferable that the change is performed on the additional authentication application 6 periodically or each time. If the incoming numbers 181 match, the collation of the collation items 1 to 3 shown in the procedure 4 is performed. On the other hand, if the telephone number 7 called by the trader 1 is different from the genuine incoming number 181, the additional authentication A is not completed and the processing is terminated 30, and the processing with the application transaction content 131 is determined to be impossible. .

[Procedure 4: The financial institution U satisfies the following collation items 1 to 3 from the information acquired in the preprocessing 10 by the contract between the contractor number 15 acquired in the procedure 3 and the contractor number 15 acquired in the preprocessing 10. Procedure to check / determine presence / absence. ]
Using the contractor number 15 obtained in step 3 as a key, the financial institution U performs a collation item inquiry 31 for performing collation determination 32 on whether or not the collation items 1 to 3 are satisfied with respect to the various information acquired in the preprocessing 10. Do.

Verification item 1: Transaction details are specified and confirmed.
Verification item 2: This certification has been completed.
Verification item 3: Within a predetermined time from the completion of the main authentication.

  First, the application transaction content 131 as a specific transaction to be subjected to the additional authentication A is specified, and items (contractor, account name, account number, etc.) required for specifying the transaction are determined. As the collation item 1, the collation determination 32 is performed on the application transaction content 131 recorded as the transaction information 130 in the additional authentication data C. Next, since the additional authentication A is based on the premise that the main authentication R has been completed, the collation determination 32 is performed with the completion / incomplete of the main authentication R as the verification item 2. Further, the fact that the time is within a predetermined time set from the completion of the main authentication 3 is set as a collation item 3, and the transaction setting date information 140 and the transaction setting time information 150 of the additional authentication data C are recorded on the current day 141, the main authentication completion time. Then, a collation determination 32 is performed on 151. Note that other items may be added to the collation items 1 to 3 as collation items.

[Procedure 5: A procedure in which the additional authentication A is completed when the financial institution U determines that the collation items 1 to 3 shown in the procedure 4 are satisfied. ]
If all of the collation items 1 to 3 match, as shown in step 5, the additional authentication A is completed, and the authentication information 110 is updated to the additional authentication completion 40. As a result, both the main authentication R and the additional authentication A are completed, and a specific transaction execution 200 is performed. When the specific transaction execution 200 is completed, the post-processing 50 is performed, the additional authentication data C is reset 210 to the state before the specific transaction application 60, the authentication information 110 is not completed 115, the contractor number information 120, the transaction information 130 , Transaction setting date information 140 and transaction setting time information 150 are updated so as to be blanks 125, 135, 145, and 155, respectively. On the other hand, if at least one of the collation items 1 to 3 is different, the additional authentication A is not completed and the processing is ended 33, and the execution of the transaction based on the application transaction content 131 is determined to be impossible. In addition, after the completion of the additional authentication 40, the monitoring timer activation 35 is performed, and when the specific transaction execution 200 is not performed within a set time from the state in which the specific transaction execution 200 is possible, and when the above-described process ends 27, 30, and 33 are completed. Also in the case of performing, the post-processing 50 is performed, and the additional authentication data C is reset 210 to the state before the specific transaction application 60 and updated.

[IB transaction]
The IB transaction 67 (Internet banking transaction) using the personal authentication method in the financial institution according to the present invention having the above configuration will be described with reference to the basic configuration diagram shown in FIG. When the trader 1 performs IB access 251 from the Web browser of the Internet terminal 250 via the Internet 270 to establish security communication 230 with the Internet server of the financial institution U, the financial institution U obtains a login screen. 231 to display the login screen 252 on the Internet terminal 250. According to the request on the login screen 252, the trader 1 inputs the authentication item 70 (ID 253, login password 254) and logs in 255.

  The financial institution U performs the authentication item inquiry 232 to the user management database 100 as the final authentication R by performing an authentication item inquiry 232 for collating and judging 233 the validity of the input authentication item 70 (ID 253, login password 254). If the authentication item 70 matches the authentication item registered in the user management database 100, a predetermined login process is performed, a login completion screen 258 is displayed on the Internet terminal 250, and then the transaction screen 259 is displayed. indicate. On the other hand, if the authentication items 70 are different, error processing 234 is performed, and the information is displayed on the Internet terminal 250 to prompt re-entry, or predetermined processing such as ending the transaction is performed.

  Next, the trader 1 inputs the transaction information 130 and the transaction confirmation number 260 from the transaction screen 259, and the financial institution U performs a transaction confirmation number inquiry 235. The transaction information 130 is information for specifying a specific transaction requested by the trader 1 with respect to the financial institution U, specifically, the application transaction content 131 transmitted from the trader 1 to the financial institution U. The transaction confirmation number 260 is a password at the time of the transaction, and is given separately from the login password 254 used when logging in. The financial institution U checks the transaction confirmation number 260 for validity or not based on the transaction confirmation number inquiry 235, and determines that the final authentication R is the final authentication completion 3 if they match. On the other hand, if the transaction confirmation number 260 is different, error processing 237 is performed, and the information is displayed on the Internet terminal 250 to prompt re-entry, or predetermined processing such as ending the transaction is performed. The processing method of the final authentication R so far is the same as the conventional IB transaction.

  The financial institution U that has completed the formal authentication 3 acquires the contractor number 15 of the formalist 1 linked to the authentication item 70 of the formal authentication R input from the formalist 1 from the user management database 100, and adds A pre-processing 10 necessary for acquiring various information in the authentication data C is performed. As described above, the contents are authentication information 110, contractor number information 120, transaction information 130, transaction setting date information 140, transaction setting time information 150, and other necessary information.

  The financial institution U that has completed the pre-processing 10 displays the additional authentication request screen 262 on the Internet terminal 250 via the Internet 270, and requests the transaction 1 for the additional authentication A. The trader 1 having received the request for the additional authentication processing 20 from the financial institution U activates the additional authentication application 6 on the Web on the smartphone 5a, and makes a call 8 via the telephone network 77 of the communication carrier 75 according to the display. Then, a call is made to the financial institution U. The financial institution U obtains the caller number 25 (telephone number) of the smart phone 5a of the trader 1 as information by performing the disconnection 23 after receiving the call 21 from the trader 1 as information, and according to the above-described procedure. Since the additional authentication process 20 is performed and the personal authentication P (see FIG. 2) by both the main authentication R and the additional authentication A is completed by the additional authentication completion 40, the transaction process 38 is performed, and the transaction is executed by the accounting system 190. 191 is performed.

  At the same time, the transaction completion screen 263 is displayed on the Internet terminal 250 via the Internet 270, and the monitoring timer is activated 35 as shown in FIG. C is reset 210 to update to the state before the specific transaction application 60. In the case where the main authentication R is not completed and the additional authentication A is not completed, the additional authentication data C is similarly updated to the state before the specific transaction application 60.

[ATM transactions]
An ATM transaction 66 (transaction using a cash card or passbook and a personal identification number) using the personal authentication method in the financial institution according to the present invention having the above-described configuration will be described based on the basic configuration diagram shown in FIG. The trader 1 inserts the authentication item 70 (cash card 301 or passbook 302) from the ATM 300 and inputs the transaction information 303 and the authentication item 70 (password 304) from the closed network 320 of the financial institution U. The financial institution U performs an input message check 310 input from the ATM 300 and, as a final authentication R, an authentication item inquiry for verifying 312 whether the input authentication item 70 (the cash card 301 or the passbook 302 and the password 304) is correct or not. 311 is performed on the user management database 100, and when the authentication item 70 matches the authentication item registered in the user management database 100, the main authentication R is set to the main authentication completion 3. The processing method of the final authentication R so far is the same as the conventional ATM transaction. On the other hand, if the authentication items 70 are different, an error process 313 is performed, and the information is displayed on the ATM 300 via the closed network 320 to prompt re-entry, or a predetermined process such as ending the transaction is performed. .

  The financial institution U that has completed the formal authentication 3 acquires the contractor number 15 of the formalist 1 linked to the authentication item 70 of the formal authentication R input from the formalist 1 from the user management database 100, and adds A pre-processing 10 necessary for acquiring various information in the authentication data C is performed. As described above, the contents are authentication information 110, contractor number information 120, transaction information 130, transaction setting date information 140, transaction setting time information 150, and other necessary information.

  The financial institution U that has completed the pre-processing 10 displays the additional authentication request screen 305 on the ATM 300 and requests the transaction 1 for the additional authentication A. The trader 1 receiving the request for the additional authentication processing 20 from the financial institution U activates the additional authentication application 6 on the Web by the smartphone 5a, and makes a call 8 via the telephone network 77 of the communication carrier 75 according to the display. Then, a call is made to the financial institution U. The financial institution U obtains the caller number 25 (telephone number) of the smart phone 5a of the trader 1 as information by performing the disconnection 23 after receiving the call 21 from the trader 1 as information, and according to the above-described procedure. Since the additional authentication process 20 is performed and the personal authentication P (see FIG. 2) by both the main authentication R and the additional authentication A is completed by the additional authentication completion 40, the transaction process 38 is performed and the account system 190 executes the transaction. 191 is performed.

  At the same time, the transaction completion screen 306 is displayed on the ATM 300 via the closed network 320, and the monitoring timer is activated 35 as shown in FIG. Is reset 210 to update to the state before the specific transaction application 60. In the case where the main authentication R is not completed and the additional authentication A is not completed, the additional authentication data C is similarly updated to the state before the specific transaction application 60.

[Trading]
The contact transaction 68 using the personal authentication method in the financial institution according to the present invention having the above configuration will be described with reference to the basic configuration diagram shown in FIG. The trader 1 submits a passbook 352 and an imprint 353 to the counter staff of the financial institution U as a transaction slip 351 describing the transaction content and an authentication item 70 at the counter 350. The contact staff of the financial institution U receives these, performs an input message check 370, and performs, as a final authentication R, an authentication item inquiry 371 for collating and determining 372 whether the input authentication item 70 (passbook 352, seal 353) is correct or not. When the authentication is performed on the user management database 100 and the authentication item 70 matches the authentication item registered in the user management database 100, the main authentication R is set to the main authentication completed 3. The processing method of the formal authentication R so far is the same as the conventional counter transaction. On the other hand, if the authentication items 70 are different, error processing 373 is performed, and the information is transmitted from the contact person to the trader 1 to prompt re-submission, or predetermined processing such as ending the transaction is performed.

  The financial institution U that has completed the formal authentication 3 acquires the contractor number 15 of the formalist 1 linked to the authentication item 70 of the formal authentication R input from the formalist 1 from the user management database 100, and adds A pre-processing 10 necessary for acquiring various information in the authentication data C is performed. As described above, the contents are authentication information 110, contractor number information 120, transaction information 130, transaction setting date information 140, transaction setting time information 150, and other necessary information.

  The financial institution U that has completed the preprocessing 10 makes an additional authentication request 355 to the trader 1 and requests the trader 1 to perform the additional authentication processing 20. The trader 1 having received the request for the additional authentication processing 20 from the financial institution U activates the additional authentication application 6 on the Web on the smartphone 5a, and makes a call 8 via the telephone network 77 of the communication carrier 75 according to the display. Then, a call is made to the financial institution U. The financial institution U obtains the caller number 25 (telephone number) of the smart phone 5a of the trader 1 as information by performing the disconnection 23 after receiving the call 21 from the trader 1 as information, and according to the above-described procedure. Since the additional authentication process 20 is performed and the personal authentication P (see FIG. 2) by both the main authentication R and the additional authentication A is completed by the additional authentication completion 40, the transaction process 38 is performed, and the transaction is executed by the accounting system 190. 191 is performed.

  At the same time, the counter staff transmits a transaction completion report 356 to the trader 1 and activates a monitoring timer 35 as shown in FIG. 6, and after a predetermined time has elapsed, performs post-processing 50 and transmits the additional authentication data C. Reset 210 to update to the state before the specific transaction application 60. In the case where the main authentication R is not completed and the additional authentication A is not completed, the additional authentication data C is similarly updated to the state before the specific transaction application 60.

  The first feature of the present invention described above is that, in a specific transaction with a financial institution, a conventional personal authentication means is used as an identity authentication method for a financial institution to determine whether or not a trader has the independent ability. The method (final authentication in the present invention) in which the financial institution checks and determines the agreement between the authentication item registered in advance at the financial institution and the authentication item presented by the trader to the financial institution (the actual authentication in the present invention) In addition, additional authentication using the caller ID of the mobile phone, which is information that can be transmitted and cannot be forged, is combined to require authentication by additional authentication after completion of the main authentication. Therefore, even if the authentication item of the main authentication, which is the conventional personal authentication means, is stolen or forged, the presence of the additional authentication can reliably prevent unauthorized transactions, and the vulnerability of the conventional personal authentication system And the security of the transaction can be ensured. In addition, the additional authentication only requires the trader to make a call from a mobile phone to the financial institution through the telephone network of the communication carrier, so that everyone can smoothly deal with the financial institution without worrying about the speed of the transaction. It becomes possible.

  The second feature of the present invention is that the use of the caller ID of the mobile phone of the trader, which is information that can be transmitted and cannot be forged, as a key for determining whether or not additional authentication is performed, enables the conventional authentication item to be used. In addition to being able to eliminate the risk of being forged, it is possible to double assure security from both the object (mobile phone) and information (caller ID).

  A third feature of the present invention is that, in addition authentication, in addition to the collation and determination of the caller ID, it is necessary to satisfy three collation items as a condition for completing the additional authentication. Since it is required that “transaction details are specified and confirmed” as the collation item 1, it is performed on an account basis, and the conventional identity authentication consisting only of the actual authentication that enables the entire account to be transacted is performed. In contrast, since only the specific transactions for which the authentication has been completed are targeted, it is possible to ensure the security of the transactions for each specific transaction.

  Since the verification item 2 requires that “the main authentication has been completed.” Since the additional authentication is performed after the main authentication separately from the main authentication, it is assumed that the main authentication has been broken by unauthorized means. In addition, illegal transactions can be prevented by additional authentication, and fail-safe can be realized.

  Since the verification item 3 requires that “it must be within a predetermined time after the completion of the main authentication”, the time for the personal authentication can be set arbitrarily, and the main authentication and the additional authentication are linked to function as one. This makes it possible to add a security measure of time setting to additional authentication using the caller ID, which is information that cannot be forged and can be transmitted.

  A fourth feature of the present invention is that a caller ID is transmitted to a financial institution using a telephone network as a key, which can be used anytime and anywhere, and that a transaction that requires speed is effective. Does not impair the performance. Moreover, since the application on the Web is used, there is no need to install the application on a mobile phone such as a smartphone, and even if the mobile phone is exchanged, the same phone number can be used without any change. Since there is only a need for incoming calls to both the transaction and the financial institution, no communication charges are incurred. Further, even if the mobile phone is lost, if the mobile phone itself is locked, it is possible to maintain the security of transaction security by additional authentication.

  Furthermore, even if the certification item of this certification is entrusted to a third party, additional certification can be performed by the trader himself. When requesting a financial transaction from a person, the security of the transaction can be controlled by himself or her family.

U ... Financial institution P ... Authentication R ... Authentication A ... Additional authentication 10 ... Pre-processing 20 ... Additional authentication processing 50 ... Post-processing 1 .... Trader 3 .... Authentication completed 5 ... Mobile phone 5a ... Smartphone 6 ... Additional authentication application 7: Telephone number 8: Outgoing call 15: Contractor number 16: Obtain contractor number 21 ... Incoming call 23 ... Disconnect line 24 ... Caller ID inquiry 25 ... Caller ID 26, 29, 32, 233, 236, 312, 372 ... Verification judgment 27, 30, 33 ... Processing end 28 ... Inquiry number inquiry 31 ... Verification item inquiry 35 ... Monitoring timer start 38 ... Transaction processing 40 ... Additional authentication completion 60 ... Before specific transaction application 65 ... Specific transaction application 66 ... ATM Transaction 67 ... IB transaction 68 ... Window transaction 70 ... Authentication item 75 ... Communication carrier 77 ... Telephone network 100 ... User management database 110 ... Authentication information 120 ... Contract Party number information 130, 303 ... Transaction information 131 ... Application transaction details 140 ... Transaction setting date information 141 ... Same day 150 ... Transaction setting time information 151 ... Final authentication completion time 125, 135, 145, 155 ... Blank 160 ... Registered sender number Management information 161: Registered sender number 170 ... Contractor management information 180 ... Incoming number management information 181: Incoming number 190 ... Account system 191 ... Execute transaction 200 ... Execute specific transaction 210 ... Reset 230 ... Establish security communication 231 ... Log in Screen acquisition 232, 311, 371: Authentication item inquiry 235: Transaction confirmation number inquiry 234, 237, 313, 373 ... Error processing 250 ... Internet terminal 251 ... IB access 252 ... Login screen 253 ... ID
254: Login password 255: Login 258: Login completion screen 260: Transaction confirmation number 262, 305: Additional authentication request screen 263, 306: Transaction completion screen 300: ATM
301 ... cash card 302 ... passbook 304 ... password 310, 370 ... input message check 320 ... closed network 350 ... window 351 ... transaction slip 352 ... passbook 353 ... seal 355 ... additional authentication request 356 ... transaction completion report

Claims (11)

In a specific transaction with a financial institution, an identity authentication method for a financial institution to determine whether or not a trader has the independent ability,
This authentication in which the financial institution checks and determines the agreement between the authentication item registered in advance at the financial institution and the authentication item presented by the trader to the financial institution,
A pre-process of acquiring information on whether or not the main authentication has been completed, the content of a specific transaction, and the date and time of the main authentication completion, using the contractor number of the trader detected from the authentication item of the main authentication as a key;
A personal authentication method in a financial institution, wherein the additional authentication is separate and independent from the main authentication, and comprises an additional authentication in which the following steps 1 to 5 are sequentially performed.
Procedure 1: A procedure in which a trader calls a financial institution from a mobile phone through a telephone network of a communication carrier to transmit a caller ID.
Step 2: A step in which the financial institution checks and determines the agreement between the caller number transmitted in step 1 and the registered caller number of the trader registered in the financial institution in advance.
Step 3: A step in which the financial institution acquires the contractor number of the trader using the registered caller number contracted in step 2 as a key.
Step 4: The financial institution checks and determines whether or not the following verification items 1 to 3 are satisfied from the information obtained in the pre-processing based on the contract between the contractor number obtained in the step 3 and the contractor number obtained in the pre-processing. procedure.
Verification item 1: Transaction details are specified and confirmed.
Verification item 2: This certification has been completed.
Verification item 3: Within a predetermined time from the completion of the main authentication.
Step 5: A step of completing the additional authentication when the financial institution determines that the collation items 1 to 3 shown in Step 4 are satisfied.   2. The personal authentication in a financial institution according to claim 1, wherein the financial institution checks and determines whether or not the incoming number called from the trader to the financial institution matches a telephone number predetermined by the financial institution in addition to the procedure 1. Method.   3. The personal authentication method for a financial institution according to claim 1, wherein the financial institution disconnects the line after the caller's number is acquired.   4. The financial institution according to claim 1, wherein a predetermined time has elapsed after the completion of the additional authentication, the information acquired in the preprocessing is discarded, the verification items 1 to 3 are blank, and the additional authentication is not completed. Authentication method in.   The personal authentication method in a financial institution according to claim 1, 2, 3, or 4, wherein the main authentication and the additional authentication are always in an unauthenticated state.   The personal identification method in a financial institution according to claim 1, 2, 3, 4, or 5, wherein a smartphone is used as the mobile phone.   7. The personal authentication method for a financial institution according to claim 1, 2, 3, 4, 5, or 6, wherein the call to the financial institution is performed via an additional authentication application on the Web.   7. The call to a financial institution is performed via an additional authentication application on the Web, and the telephone number of the financial institution is displayed on the additional authentication application in a callable manner. The personal authentication method at the financial institution described.   9. The personal authentication method for a financial institution according to claim 8, wherein the telephone number of the financial institution is selected at random from a plurality of telephone numbers and displayed on the additional authentication application on the Web.   10. The personal authentication method in a financial institution according to claim 1, wherein the transaction with the financial institution is an ATM transaction, an Internet banking transaction or a window transaction.   11. The financial institution according to claim 1, 2, 3, 4, 5, 6, 7, 8, 9 or 10, wherein the transaction with the financial institution is withdrawal, deposit, inquiry, change of personal information or change of authentication means. Identity authentication method.

Images